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DETAILED ACTION 

1 . Claims 1 - 38 have been presented for examination. Claims 1 - 35 have been 
amended in an amendment filed 10/21/2005. Therefore, presently pending claims are 1 

- 38. • 

Response to Arguments 

1 . Applicant's arguments filed on 1 0/21 /2005 with respect to the subject matter of 
the instant claims have been fully considered but are not persuasive. 

2. As per claim 1 , Applicant asserts: "Ginter does not contemplate the use of an 
encrypted header or security information which contemplates who and how a file can be 
accessed". Examiner notes Applicant's arguments have been fully considered but are 
not persuasive because Ginter discloses the private (or encrypted) header may include 
a part or all of the information in the public header and further will include additional 
data for validating and identifying the object when a user attempts to register as a user 
of the object with a service clearinghouse. Alternatively, information identifying one or 
more rights owners and/or distributors of the object may be located in encrypted form 
within encrypted header, along with any of said additional validating and identifying data 
(Ginter; Column 128 Line 14 ~ 24). Therefore, Ginter does teach the use of an 
encrypted header or security information which contemplates who and how a file can be 
accessed and as such applicant's arguments are respectfully traversed. 
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3. As per claim 17, Applicant remarks: "Ginter does not teach having encrypted 
security information within the header, whereby the encrypted security information 
comprises access rules because the permission records, as taught by Ginter, are not 
encrypted security information in a header (i.e., the private header in Ginter) of a 
secured file as contemplated by claim 17". Examiner notes Applicant's arguments have 
been fully considered but are not persuasive because Ginter discloses permission 
records and key blocks for each property indeed can be encrypted with a private DES 
key (Ginter: Column 129 Line 18-20 and Figure 17). 

4. As per claim 33, Applicant remarks: "Ginter does not contemplate having a 
header comprising the encrypted security information". See same rationale of 
responses to arguments applies herein as above in rejecting the claim 1. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraph of 35 U.S.C. 102 that 
forms the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 



2. Claims 1 - 37 are rejected under 35 U.S.C. 102(e) as being anticipated by Ginter 
(Patent Number: 6253193). 
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As per claim 1 and 33, Ginter teaches a system for providing access control 
management to electronic data, wherein the electronic data is structured in a format that 
provides restricted access to the electronic data therein, the format comprising: 

a header including security information as to who and how a file including the 
electronic data can be accessed (Ginter: Ginter: Column 128 Line 14-24, Column 128 
Line 25 - 40 and Column 32 Line 34 - 39); 

an encrypted data portion including the file encrypted with a file key according to 
a predetermined cipher scheme (Ginter: Column 128 Line 41 -65); and 

wherein the header is attached to the encrypted data portion to generate a 
secured file (Ginter: Figure 17 & 18). 

As per claim 17, Ginter teaches a system for providing access control 
management to electronic data, wherein the electronic data is structured in a format that 
provides restricted access to the electronic data therein, the format comprising: 

a header including a file key encrypted and a rule block having N encrypted 
segments, each of the N encrypted segments including a set of access rules facilitating 
the restricted access to a file including the electronic data, wherein N >= 1 (Ginter: 
Figure 17 &18, Column 129 Line 18-20 and Column 128 Line 45 - 65); 

an encrypted data portion including the electronic data encrypted according to a 
predetermined cipher (Ginter: Column 128 Line 41 - 65); 

wherein the header is attached to the encrypted data portion to generate a 
secured file; and the file key can be retrieved to decrypt the encrypted data portion only 
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when the access vales in one of the N encrypted segments are measured successfully 
against access privilege associated with a user accessing the, secured file (Ginter: 
Figure 18 and Column 128 Line 45 - 65). 

As per claim 2, Ginter teaches the security information in the header of the 
secured file facilitates the restricted access to the file (Ginter: Column 128 Line 25 - 
40). 

As per claim 3 and 35, Ginter teaches the security information is encrypted with a 
user key associated with a user (Ginter: Column 14 Line 40 - 43). 

As per claim 4 and 36, Ginter teaches the user is a member selected from a 
group consisting of a human user, a software agent, a device and a group of users; and 
wherein the user is granted access privilege to access the file (Ginter: Column 123 Line 
38-41). 

As per claim 5, Ginter teaches the security information includes the file key and 
access rules to the restricted access to the file (Ginter: Column 130 Line 35-40, 
Column 128 Line 25-40 and Figure 17 & 18). 
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As per claim 6, Ginter teaches the file key is retrieved to decrypt the encrypted 
data portion in the secured file when the access privilege of the user is within access 
permissions by the access rules (Ginter: Column 128 Line 25 - 65). 

As per claim 7 and 26, Ginter teaches the access rules are expressed in a 
markup language (Ginter: Column 141 Line 36: SGML). 

As per claim 8 and 27, Ginter teaches the markup language is Extensible Access 
Control Markup Language (Ginter: Column 141 Line 36: SGML), 

As per claim 9 and 28, Ginter teaches the markup language is selected from a 
group consisting of HTML, XML and SGML (Ginter: Column 141 Line 36). 

As per claim 10, Ginter teaches the secured file is configured to have a file 
extension identical to what the file originally has so that an application designated to 
access the file can be executed to access the secured file (Ginter: Figure 17 and 
Column 14 Line 21 -28). 

As per claim 1 1 , Ginter teaches the security information includes a flag to the 
application that the secured file being accessed can not be accessed as it normally 
does (Ginter: Column 137 Line 63 - 66). 
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As per claim 12, Ginter teaches the flag Is configured to be placed in a position of 
the secured file so that the flag will be accessed first when the secured file is accessed 
by the application (Ginter: Column 1 37 Line 63 - 66). 

As per claim 13, Ginter teaches the security information includes the file key and 
access rules, the access rules controlling who and how the secured file can be 
accessed, and wherein the security information in the header is organized in such a way 
that the application is paused, upon detecting that the secured file is being accessed, 
for an access control module to determine whether a user requesting the secured file 
has proper access privilege to do so with respect to thE; access rules in the security 
information (Ginter: Column 128 Line 25 -40). 

As per claim 14, Ginter teaches the access control module operating in a path 
through which the secured file is confined to be loaded into the application (Ginter: 
Column 23 Line 56 and Column 23 Line 67). 

As per claim 15, Ginter teaches the file key is a symmetric cipher key (Ginter: 
Column 200 Line 28). 

As per claim 16, Ginter teaches the file is one or more of a document, a 
multimedia file, a set of dynamic or static data, a sequence of executable code, an 
image and a text (Ginter: Column 14 Line 5-28). 
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As per claim 18, 22 and 34, Ginter teaches the header further includes a user 
block having user information identifying who can access the secured file (Ginter: 
Column 128 Line 31). 

As per claim 19, Ginter teaches the header further includes each of the N 
encrypted segments of the mie block includes policies how the secured can be 
accessed (Ginter: Column 23 Line 44-45 and Figure 18 Element 812a - 81 2n). 

As per claim 20, Ginter teaches the user block includes N encrypted segments, 
each including the file key (Ginter: Column 128 Line 45 - 65). 

As per claim 21 , Ginter teaches each of the N encrypted segments of the user 
block corresponds to one of the N encrypted segments of the rule block (Ginter: Column 
128 Line 45-65). 

As per claim 23, Ginter teaches each of the N encrypted segments of the user 
block further includes cipher information about the predetermined cipher to facilitate a 
decryption process of the encrypted data portion with the file key (Ginter: Column 128 
Line 25 - 65 and Figure 18). 
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As per claim 24, Ginter teaches the access rules in each of the N encrypted 
segments of the rule block determine at least an action with which the secured 
document can be accessed by a user associated with one of the N encrypted segments 
of the user block (Ginter: Column 128 Line 45 - 65 and Figure 18). 

As per claim 25, Ginter teaches the action includes one or more of commands: 
open, export, read, edit, play, listen to, print or fonA^ard and attach (Ginter: Column 128 
Line 45-65). 

As per claim 29, Ginter teaches the N encrypted segments of the user block are 
respectively encrypted with tine file key (Ginter: Column 128 Line 45 - 65). 

As per claim 30, Ginter teaches an authorized user associated with one of the 
encrypted segments of the user block can view the access rules of 
each of the N encrypted segments of the rule block when access privilege of the 
authorized user is measured successfully with the access rules in one of the N 
encrypted segments in the rule block associated with the authorized user (Ginter: 
Column 128 Line 30 - 36 and Figure 18). 

As per claim 31 , Ginter teaches the authorized user can update the access rules 
of each of the N encrypted segments of the rule block (Ginter: Column 29 Line 44 - 47, 
Column 32 Line 30 - 39 and Figure 18). 
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As per claim 32, Ginter teaches the N encrypted segments of the user block 
remain encrypted every time the secured file is stored in a storage space (Ginter: 
Column 222 Line 23 - 26). 

As per claim 37, Ginter teaches obtaining the access rules from either a default 
setting for a file place in which the secured file is to be placed or a manual setting in 
accordance with access privilege associated with a user who is creating the secured file 
(Ginter: Column 128 Line 25 - 40). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
A person shall be entitled to a patent unless - 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claim 38 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ginter 
(Patent Number: 6253193), in view of Folmsbee (Patent Number: 6308256). 
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As per claim 38, Ginter teaches if the secured file is newly generated, generating 
the file key from the predetermined cipher (Ginter: Column 206 Line 16 - 21); 

However. Ginter does not teach if the secured file is being stored in a storage 
place, retrieving the file key from a memory store; and deleting the file key from a 
memory store as soon as the secured file is stored in the storage place. 

Folmsbee teaches if the secured file is being stored in a storage place, retrieving 
the file key fi-om a memory store; and deleting the file key from a memory store as soon 
as the secured file is stored in the storage place (Folmsbee; Column 16 Line 4: key 
expirary event as taught by Folmsbee could be real-time (i.e. immediately after use) or 
number of uses - e.g. Examiner is interpreting the number of uses to be one which 
would meet the Applicant's claimed language). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Folmsbee within the system of Ginter 
because Folmsbee teaches providing secure transfer of electronic content through open 
channel such as internet by using a secure key in configuring the encrypted software 
(Folmsbee: Column 3 Line 18-32 and Column 3 Line 41 -43). 
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Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788. 
The examiner can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Examiner 
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